module 3_lecture 3 - installing domain controllers
DESCRIPTION
Installing Domain controllerTRANSCRIPT
SYSTEM ADMINISTRATIONINSTALLING DOMAIN
CONTROLLERS
Dr. Zeeshan Bhatti
BSIT-IVModule 3: Lecture 3
PART-II
Installing Domain Controller
2
DOMAIN CONTROLLER (DC).
One of the greatest features of Windows Server 2003 is its ability to be a Domain Controller (DC).
The full features of a domain are beyond the scope of this workshop, but some of its most well known features are its ability to store user names and passwords on a central computer (the Domain Controller) or computers (several Domain Controllers).
In this tutorial we will cover the "promoting" (or creating) of the first DC in a domain. This will include DNS installation, because without DNS the client computers wouldn't know who the DC is.
You can host DNS on a different server, but we'll only deal with the basics. 3
WHAT IS A DIRECTORY SERVICE?
A service that helps track and locate objects on a network A service that helps track and locate objects on a network
Active Directory Management
UsersUsersServicesServicesWorkstationsWorkstations FilesFiles
The core function of any directory service is that it lets you find information on a network and make your own data network-accessible. 4
ACTIVE DIRECTORY DOMAINS
Boundary of Authentication
Boundary of Policies
Boundary of Replication
IIUM.edu.my
• Domains represent logical partitions within Active Directory for security and directory replication
• Microsoft.com” is an example of a domain name.• There is a one-to-one correspondence between Active Directory domains
and DNS domains.5
ACTIVE DIRECTORY TREES
CONTOSO.COM
US.CONTOSO.COM
SharedSchema
Configuration
Global CatalogOHIO.US.CONTOSO.COM
• A tree is a grouping of domains that forms a contiguous namespace. • A contiguous namespace is a set of domain names in which each child
adds one or more identifiers to the beginning of the parent DNS name. • For example, if the parent domain was iium.edu.my and the child domain
was cita.iium.edu.my, these two would form a contiguous namespace.6
ACTIVE DIRECTORY FORESTS
US.CONTOSO.COM
FABRIKAM.COM
UK.FABRIKAM.COM
CONTOSO.COM
Schema
Configuration
Global Catalo
g• A forest is composed of one or more trees. • Unlike a tree, a forest can contain several noncontiguous
namespaces 7
STARTING THE SERVICES
Type “dcpromo” and click “OK”.
You will see the first window of the wizard. As it suggests, I suggest reading the help associated with Active Directory. After this, click "Next"
8
Click "Next" on the compatibility window, and in the next window keep the default option of "Domain Controller for a new domain" selected, and click "Next"
9
DOMAIN CONTROLLER
Now we will install the Domain Controller, select this service from the Manage Server.
We want to create a new domain.
10
DOMAIN FOREST In Windows Server, you can connect your domain to an existing domain structure, or you can start from scratch.
We will create a new forest for our domain.
11
DNS DNS is integrated with the Domain Controller.
Select the second option – Have the computer install DNS for you.
12
DOMAIN NAME Now you need to select a domain name. It should be the same name you used in the DHCP (i.e. TIHE.ORG)
13
NETBIOS DOMAIN NAME The computer will choose a netbios name for your domain. Click next.
Database and Log Folders The computer will select a path for this entry. Click next.
14
Shared System Volume The SYSVOL folder is a public share, where things like .MSI
software packages can be kept when you will distribute packages
The computer will select a DEFAULT path for this entry. Click next.
15
DNS REGISTRATION Now we will get a message that basically says that you will need a DNS server in order for everything to work the way we want it .
As mentioned earlier, we will install the DNS server on this same machine , but it can be installed elsewhere. So keep the default selection of "Install and configure“ second option, and click “Next”.
16
PERMISSIONS we keep the default of "Permissions compatible only with Windows 2000 or Windows Server 2003 operating systems" and click "Next"
17
Restore Mode Password The restore mode password is the single password that all
administrators hope to never use, however they should also never forget it because this is the single password that might save a failed server.
Make sure it's easy to remember but difficult to guess
18
SUMMARY Now we will see a summary of what will happen. Make sure it's all correct because changing it afterwards can prove to be difficult.
19
After the previous next was clicked, the actual process occurs. This can take several minutes. It's likely that you will be prompted for your Windows Server 2003 CD (for DNS) so have it handy
20
GIVE STATIC IP If your computer has a dynamically assigned address (from DHCP) you will be prompted to give it a static IP address. Click ok, and then in the Local Area Connection properties, click "Internet Protocol (TCP/IP)" and then "Properties"
21
In the next window select "Use the following IP address" and select the information that you will use for your domain (and 127.0.0.1 for the primary DNS, because your computer will host DNS. I still suggest setting up an alternate as well.) Click "OK" and then "Close" on the next window
22
And after a while you will see…… And we're finished.
23
THANKYOU
Q & A
For My Slides and Handoutshttp://zeeshanacademy.blogspot.com/https://www.facebook.com/drzeeshanacademy